Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '62268ee5df1819aae9d64b6dc6c8af15' = '"%TEMP%\CheatEngine7.0.exe" ..'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] '62268ee5df1819aae9d64b6dc6c8af15' = '"%TEMP%\CheatEngine7.0.exe" ..'
- %APPDATA%\microsoft\windows\start menu\programs\startup\62268ee5df1819aae9d64b6dc6c8af15.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\CheatEngine7.0.exe" "CheatEngine7.0.exe" ENABLE
- %TEMP%\cheatengine7.0.exe
- '0.###.ngrok.io':17503
- DNS ASK 0.###.ngrok.io
- '%TEMP%\cheatengine7.0.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\CheatEngine7.0.exe" "CheatEngine7.0.exe" ENABLE' (with hidden window)